sgode/virtual-private-cloud
1
0
Fork 0
forked from docs/virtual-private-cloud
Code Pull Requests Activity
virtual-private-cloud/umn/source/access_control/firewall/modifying_a_firewall_rule.rst

17 KiB
Raw Blame History

original_name

vpc_acl_0005.html

Modifying a Firewall Rule

Scenarios

Modify an inbound or outbound firewall rule based on your network security requirements.

Procedure

  1. Log in to the management console.

  2. Click image1 in the upper left corner and select the desired region and project.

  3. Click image2 in the upper left corner and choose Network > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  4. In the navigation pane on the left, choose Access Control > Firewalls.

  5. Locate the target firewall and click its name to switch to the page showing details of that particular firewall.

  6. On the Inbound Rules or Outbound Rules tab, locate the row that contains the target rule and click Modify in the Operation column. In the displayed dialog box, configure parameters as prompted. Table 1 <vpc_acl_0005__table59686157164549> lists the parameters to be configured.

    Figure 1 Modify Rule
    Table 1 Parameter descriptions
    Parameter Description Example Value
    Type The firewall type. This parameter is mandatory. You can select a value from the drop-down list. Currently, only IPv4 and IPv6 are supported. IPv4
    Action The action in the firewall. This parameter is mandatory. You can select a value from the drop-down list. Currently, the value can be Allow or Deny. Allow
    Protocol

    The protocol supported by the firewall. This parameter is mandatory. You can select a protocol from the drop-down list.

    You can select TCP, UDP, ICMP, or All.

    		 TCP
    Source

    The source from which the traffic is allowed. The source can be an IP address or IP address range.

    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
    • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.
    		 0.0.0.0/0
    Source Port Range

    The source port number or port number range. The value ranges from 1 to 65535. For a port number range, enter two port numbers connected by a hyphen (-). For example, 1-100.

    You must specify this parameter if TCP or UDP is selected for Protocol.

    		 22, or 22-30
    Destination

    The destination to which the traffic is allowed. The destination can be an IP address or IP address range.

    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
    • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.
    		 0.0.0.0/0
    Destination Port Range

    The destination port number or port number range. The value ranges from 1 to 65535. For a port number range, enter two port numbers connected by a hyphen (-). For example, 1-100.

    You must specify this parameter if TCP or UDP is selected for Protocol.

    		 22, or 22-30
    Description

    Supplementary information about the firewall rule. This parameter is optional.

    The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    		 N/A

  7. Click Confirm.